diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index e3995fb1c..badc58bbd 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -30,6 +30,16 @@ steps: cpu: "8" memory: "4G" + - label: ":building_construction: Run local FIPS build" + key: make-local-fips + command: ".buildkite/scripts/local_build.sh" + agents: + image: "${GO_AGENT_IMAGE}" + cpu: "8" + memory: "4G" + env: + FIPS: "true" + - label: ":building_construction: Run local build: MacOS" key: make-local-macos command: ".buildkite/scripts/local_build.sh" @@ -110,6 +120,17 @@ steps: - build/*.xml - build/coverage*.out + - label: ":smartbear-testexecute: Run FIPS provider unit tests" + key: unit-test-fips-provider + command: ".buildkite/scripts/fips_provider_test.sh" + env: + FIPS: "true" + agents: + provider: "gcp" + artifact_paths: + - build/*.xml + - build/coverage*.out + - label: ":smartbear-testexecute: Run unit tests: MacOS 13" key: unit-test-macos-13 command: ".buildkite/scripts/unit_test.sh" diff --git a/.buildkite/scripts/common.sh b/.buildkite/scripts/common.sh index d36cb3b2f..920452348 100755 --- a/.buildkite/scripts/common.sh +++ b/.buildkite/scripts/common.sh @@ -55,9 +55,10 @@ with_msft_go() { echo "Setting up microsoft/go" create_workspace check_platform_architeture - MSFT_DOWNLOAD_URL=https://aka.ms/golang/release/latest/go$(cat .go-version)-1.${platform_type}-${arch_type}.tar.gz + MSFT_DOWNLOAD_URL=https://aka.ms/golang/release/latest/go$(cat .go-version).${platform_type}-${arch_type}.tar.gz retry 5 $(curl -sL -o - $MSFT_DOWNLOAD_URL | tar -xz -f - -C ${WORKSPACE}) - export PATH="${PATH}:${WORKSPACE}/go/bin" + export PATH="${WORKSPACE}/go/bin:${PATH}" + echo "microsoft/go in ${WORKSPACE}" go version which go export PATH="${PATH}:$(go env GOPATH)/bin" diff --git a/.buildkite/scripts/fips_provider_test.sh b/.buildkite/scripts/fips_provider_test.sh new file mode 100755 index 000000000..97ddd3aa8 --- /dev/null +++ b/.buildkite/scripts/fips_provider_test.sh @@ -0,0 +1,13 @@ +#!/bin/bash + +set -euo pipefail + +source .buildkite/scripts/common.sh + +add_bin_path + +with_msft_go + +echo "Starting the provider enabled tests..." +make test-fips-provider-unit junit-report + diff --git a/Makefile b/Makefile index e51d3877b..6be2a6e5b 100644 --- a/Makefile +++ b/Makefile @@ -129,7 +129,7 @@ else $(eval ARCH := amd64) endif ifeq "${FIPS}" "true" - $(eval DOWNLOAD_URL := https://aka.ms/golang/release/latest/go${GO_VERSION}-1.linux-${ARCH}.tar.gz) + $(eval DOWNLOAD_URL := https://aka.ms/golang/release/latest/go${GO_VERSION}.linux-${ARCH}.tar.gz) else $(eval DOWNLOAD_URL := https://go.dev/dl/go${GO_VERSION}.linux-${ARCH}.tar.gz) endif diff --git a/internal/pkg/testing/certs/certs.go b/internal/pkg/testing/certs/certs.go index 8b4bd2af5..25dc384e2 100644 --- a/internal/pkg/testing/certs/certs.go +++ b/internal/pkg/testing/certs/certs.go @@ -95,7 +95,7 @@ func GenCA(t *testing.T) tls.Certificate { t.Fatalf("fail to generate RSA key: %v", err) } - ca.SubjectKeyId = generateSubjectKeyID(caKey) + ca.SubjectKeyId = generateSubjectKeyID(caKey.Public()) caBytes, err := x509.CreateCertificate(rand.Reader, ca, ca, &caKey.PublicKey, caKey) if err != nil {